cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community
English
Announcements
Musicians, convert your MuseScore files to PDF to play music on the go! Learn more here.

Dropbox API Support & Feedback

Find help with the Dropbox API from other developers.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Re: Unable to get long lived access tokens.

Labels:

Unable to get long lived access tokens.

OperationsDreaming
New member | Level 2
‎03-22-2022 11:21 AM
Go to solution

Hello there!

 

I'm trying to get an access token that doesn't expire. A long-lived access token. For now, when I generated an access token from the App Console, the session will expire after x hours and won't give me a refresh token either.

I've checked the authentication documentation: 

 

https://developers.dropbox.com/oauth-guide#implementing-oauth

 

But I can't find the Access Token Expiration like the documentation shows:

 

dropbox generate.png

 

 

Mine is displayed like this: 

 

Screen Shot 2022-03-22 at 11.08.10 AM.png


As you can see, the option for the Expiration is missing. 


So I kept looking and came across a similar question on the forums and I followed every step: 

https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Tokens-only-valid-for-4-hours-from-app-...

 

Still can't get a long-lived access token.

 

Here's a test code: 

 

 

 

access_token = "sl-ABC" # I want a long lived one.
app_key = "xyz"
dbxTeam: dropbox = dropbox.DropboxTeam(oauth2_access_token=access_token, app_key=app_key)
print('Dbx Team is: ', dbxTeam.as_user('dbmid:MY_USER_ID').users_get_current_account())

 

 

 

output:

 

 

 

{
'_oauth2_access_token':'sl....',
'_oauth2_refresh_token': None,
'_oauth2_access_token_expiration': None,
'_app_key': 'xyz',
'_app_secret': None,
'_scope': None,
'_max_retries_on_error': 4,
'_max_retries_on_rate_limit': None,

'_session': <requests.sessions.Session object at 0x1083b1730>,
'_headers': None,
'_raw_user_agent': None,
'_user_agent': 'OfficialDropboxPythonSDKv2/11.28.0',
'_logger': <Logger dropbox (WARNING)>,
'_host_map': {'api': 'api.dropboxapi.com',
'content': 'content.dropboxapi.com',
'notify': 'notify.dropboxapi.com'},
'_timeout': 100}

 

 


Any ideas on how to get a token that won't expire?

 

Labels:
  • 0 Likes
  • 15 Replies
  • 6,154 Views
0 Likes
1 Accepted Solution

Accepted Solutions

Здравко
Legendary | Level 20
‎03-22-2022 12:23 PM
Go to solution

Hi @OperationsDreaming,

Take a look on https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/Need-Permanant-Access-token-for-drop-b... 😉

In short - there is no more long lived access token and you should add refresh token in your code.

Hope this helps.

View solution in original post

15 Replies 15

Здравко
Legendary | Level 20
‎03-22-2022 12:23 PM
Go to solution

Hi @OperationsDreaming,

Take a look on https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/Need-Permanant-Access-token-for-drop-b... 😉

In short - there is no more long lived access token and you should add refresh token in your code.

Hope this helps.

Greg-DB
Dropbox Staff
‎03-22-2022 12:53 PM
Go to solution

@OperationsDreaming Здравко is correct. You'll need to implement support for refresh tokens. You can find example code for for the Python SDK here:

OperationsDreaming
New member | Level 2
‎03-22-2022 05:45 PM
Go to solution

Thank you @Здравко and @Greg-DB

 

 

This works! 

0 Likes

marksmithhfx
Explorer | Level 4
‎03-24-2022 06:49 AM
Go to solution

I have been using the long lived access token you can request when you setup your app, and have that embedded in my app. I use it to send a "synchronizing" file to DB whenever I make changes. I don't need to re-authenticate. My question is, if I know allow users to do the same thing, they will need to authenticate and I will get a short lived AT and a refresh AT. How much additional latency will they experience converting the AT from refresh to short lived? Currently the total latency to connect to DB and upload a file from my app is < 1/2 second, or barely noticeable. Will all of the "re-allocation" steps add significantly to this.

 

Thank you. 

0 Likes

Здравко
Legendary | Level 20
‎03-25-2022 08:14 AM
Go to solution

Hi @marksmithhfx,

Your question is very generic, so it's difficult to receive exact answer. Additional time consumption is on refresh only. Since data size transferred is relatively negligible, establishing secure connection gets primary weight. In other words additional time depends on your connection latency more than the connection speed.

Other point you should consider, on evaluation, is usage time profile - i.e. how often, relatively, refresh will take on. Let's recall additional time will be added on refresh only, so if your usage profile predispose many calls in a 4 hours time frame, weight of the refresh will be negligible. If your calls bring up on intervals bigger than 4 hours then the relative weight might be bigger (on every calls burst - one refresh). Once the refresh take place, no difference can be expected for rest of calls - they are the same (no additional delay per call).

The best way to figure out exact answer in your particular conditions is... the check. 😉 Most probably it will be negligible.

Good luck.

marksmithhfx
Explorer | Level 4
‎03-25-2022 08:52 AM
Go to solution

Thanks. Great answer, and very reassuring. I will give it a go. 

0 Likes

marksmithhfx
Explorer | Level 4
‎04-13-2022 06:53 AM
Go to solution

Well, as indicated in my previous response I have been "giving this a go" but with only partial success. 

When I send my app key, app secret, scopes, port and “offline” to https://www.dropbox.com/oauth2/authorize

I get back the following:

 

Array

..          [account_id] => dbid:AAB27TU-12HrF0rn….

..          [refresh_token] => 29hxFtf-fnoAAAAAAAAAAQe….

..          [expires_in] => 14400

..          [uid] => 16196036

..          [scope] => account_info.read files.content.read files.content.write files.metadata….

..          [access_token] => sl.BFo00immyYa18QPnbABlmng….

..          [token_type] => bearer

 

Which is all well and good because what I want is a refresh token that I can use to request a sl. access token when the current one expires. This should also demonstrate that I know how to send an app key, secret, port and token_access_type to the URL provided.

 

However, when I send my grant type, refresh_token, app key and secret to https://api.dropbox.com/oauth2/token like it suggests in the guidance below (from the Developers guidelines) I always get an Error 404 page not found. I’ve also tried sending to https://api.dropboxapi.com/oauth2/token but get the same result. What am I doing wrong?

 

curl https://api.dropbox.com/oauth2/token \
    -d grant_type=refresh_token \
    -d refresh_token=<REFRESH_TOKEN> \
    -u <APP_KEY>:<APP_SECRET>

 

BTW, both end points (api.dropbox.com and api.dropboxapi.com) are given in the docs. I tried them both. Both were 404.

 

Thanks

0 Likes

Greg-DB
Dropbox Staff
‎04-13-2022 07:42 AM
Go to solution

@marksmithhfx Is that the exact code you're running? It looks correct, and it does work for me when I plug in my values. There may be something about how your client is formatting the request causing it to fail. Perhaps you can share the actual request/response you're getting (just redacting the sensitive values) so I can take a look.

0 Likes

marksmithhfx
Explorer | Level 4
‎04-13-2022 08:43 AM
Go to solution

"Is that the exact code you're running?" 

 

No, not exactly. I am using an OAuth2 package in the application development environment (it's like a fancy Visual BASIC) I am using. To get the refresh_token I was using this code (with redactions):

 

constant kAuthURL = "https://www.dropbox.com/oauth2/authorize"

constant kTokenURL = "https://api.dropboxapi.com/oauth2/token"

constant kClientID = "redacted" -- client here means this application, not this user

constant kClientSecret = "redacted" -- secret here is for this application, not this user

constant kScopes = ""

constant kPort = "54303"

 

since there is no parameter for token_access_type that is handled with:

put "offline" into tParams["token_access_type"]

then the call to OAuth2 itself...

 

OAuth2 kAuthURL, kTokenURL, kClientID, kClientSecret, kScopes, kPort, tParams

 

which successfully returned the array (actually JSON dictionary converted to array) I posted earlier. 

 

This is the extent of the API I have, so I was trying to model the next step by writing:

put "refresh_token" into tParams["grant_type"]

put RefreshToken into tParams["refresh_token"] -- a var that contains the refresh token returned in the first step

-- I tested that both of these array values were properly formatted

 

and then calling:

 

OAuth2 kTokenURL, kClientID, kClientSecret, tParams

 

But all I get is a 404 Page not found error. I was hoping to get something more useful back (maybe you could think of a way I can do that?) so I could start to debug this, but all I get is the 404. 

 

PS I did notice in the documentation that "authorization" is listed as a GET method and "token" as a POST method, but since I am not conversant in HTML that didn't mean anything to me. However, that might be the root cause of the problem. The application API might be formatting both as GET statements instead of the required POST one. (I should probably lookup GET and POST). Thanks

 

 

 

 

0 Likes
Need more support?